Research On Business Process Anomaly Handling Analysis Based On Online Conformance Checking

Enterprise management systems record a large amount of unstructured data,and it is difficult for traditional data mining and business processes to handle such data.Process mining technology from a behavioral perspective,linking event data and process models,can well sort out business processes and empower enterprise management.And how a large amount of offline data can be applied to real-time business process monitoring is where the difficulty of research lies.The offline business process management of the post-inspection is more well developed,and the research for the online working condition is the focus of this paper.Fully study the offline state of effective low-frequency,conformance checking of the operating mechanism for online swift check and anomaly detection to provide judgment indicators and detection conditions.Online and offline are combined to jointly complete the online detection of business processes.The main contributions of this paper include.(1)In offline business process mining,logs with low-frequency occurrence are generally treated as noise to ensure the quality of the model,but there may be valuable information in these logs.To find out the effective infrequent behaviors from the low-frequency logs,a discovery method based on Petri net metric is proposed to use the F-score originally used to evaluate the model as a dynamic determination criterion to solve the drawback that the traditional threshold is difficult to determine,and only the infrequent behaviors that can improve the F-score of the model are added to the model and processed sequentially until all the effective infrequent behaviors are found.A noise removal algorithm based on the inter-trace distance is also proposed,which has a better effect on removing incomplete logs.(2)To verify the conformance between event stream and model,save resources and improve detection efficiency,an approximate detection method that does not need to build a model.,clusters the existing logs,selects representative traces to build model support and calculates the upper and lower bounds of fitness as the basis of consistency judgment.During the online operation of the system,the event flow is temporarily stored in the event stack,and the event sequence is only taken out at the key nodes for conformance checking with the model support.(3)To check whether the online event stream generates anomalies,an anomaly detection condition construction method based on activities and activity attributes is proposed.The activities are divided into different mining units based on the behavioral profile relationship between activities,and association rules are mined using the correlation relationship between activities and attributes,and the rules that satisfy a certain confidence level will generate anomaly detection conditions.A statistical distribution test algorithm based on behavioral profiles is also proposed for large-scale fast anomaly detection.All the proposed algorithms are implemented in the PM4 PY framework and applied in experimental simulation.The performance is evaluated through actual cases and compared with other methods.The results show that the algorithm is effective and feasible.Figure 23 Table 11 Reference 71...